History

Digital Forensics Framework

Digital Forensics Framework is a project dedicated to digital forensics. Written in Python and C++, it is cross-platform, highly modular and customizable. The graphical user interface is developped with PyQt. Interface between Python and C++ is achieved thanks to Swig.

DFF is open source and released under the terms of the GNU General Public License v2 (GPL).

Overview

User experience

  • Cross-platform (Linux, Windows, work in progress to provide a port to *BSD and Mac OS X)
  • Highly modular and extensible
  • Scriptable
  • User-friendly graphical interface
  • Ergonomic console interface (enhanced completion)
  • Stackable file system
  • Multithreaded
  • Gallery viewer
  • Thematic modules

Developer experience

  • API available both in Python and C++
  • Core API wrote in C++ for enhanced speed
  • Live Scripting : API available and scriptable through python interpreter
  • Easy drivers and script developement through the API
  • Possibility of writing script both in graphical interface and console
  • IDE, with template available for different type of modules (graphical, console, drivers)

Read more about DFF features

Documentation

You can read the DFF guide (work in progress).

Others resources:

Support

Forums

For getting help or discussing about DFF, you can browse the DFF forums. In order to post a message, you will need to be registered. You can register through this page.

IRC

In addition to the forum, you can also join the channel #digital-forensic on freenode IRC network. Most of the team is present and will answer your questions.

Report, features, ...

If you need to submit a bug report, a patch or a feature request, please read the Submission guidelines.

Other ressources

The following links provide some information concerning the project evolution:

volatility.png - vol_screenshot (89.3 KB) fba, 22 Mar 2010 18:23

Also available in: HTML TXT